b761ca282bceae06bea4a669f1394fdb_JaffaCakes118 | Triage

Sharing

General

Target

b761ca282bceae06bea4a669f1394fdb_JaffaCakes118
Size

384KB
MD5

b761ca282bceae06bea4a669f1394fdb
SHA1

c9fc74ec6bde5af3f9f7c317a413b2a8a8093c5e
SHA256

e7e511d386dae6066fc9b6d53761f5aa2061e399119e02be54a598e5ef24a8ea
SHA512

667c22923044faedc13ff2517d3293b7661c5124ca2e483a261e5f149ed48c6ef293a13e0f5f653d590eeddf7fc10496f6abf26cdd7e75e8ce9cafc6547f5462
SSDEEP

1536:ZMmOt6bJFBooG1HSnJ5ASD9RClDsDqeSNoUebN4ZQEmGA2XD:VOcbJFBooGMJugDrW1eUebu8piD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b761ca282bceae06bea4a669f1394fdb_JaffaCakes118

Files

b761ca282bceae06bea4a669f1394fdb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

03ca7ecc08d84f84ca634fb9f3daec69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

advapi32

OpenServiceW

msvcp100

?_Xlength_error@std@@YAXPBD@Z

msvcr100

free

Sections

.MPRESS1
Size: 31KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE